Download Manual - Giegerich & Partner GmbH

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
page
60
page
61
page
62
page
63
page
64
page
65
page
66
page
67
page
68
page
69
page
70
page
71
page
72
page
73
page
74
page
75
page
76
page
77
page
78
page
79
Transcript 
gpg4o
Manual
Version 3.5
Table of Contents
Table of Contents
1 General
4
2 System Requirements
5
3 Functional Range
3.1 Versions Functional Range Comparison . . . . .
3.2 After the expiration of the product maintenance .
3.2.1 Trial version . . . . . . . . . . . . . . . . .
3.2.2 Home & Student Version and Full Version
3.3 PGP/MIME . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
6
6
7
7
7
7
4 Installation
4.1 Software . . . . . . . . . . . . .
4.2 Installing gpg4o . . . . . . . . .
4.3 Configuring gpg4o . . . . . . .
4.3.1 Information about gpg4o
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
8
8
8
12
17
5 Licence-Files
5.1 Generating and Importing License-Files . . . . . . . .
5.2 Period of Validity of the License . . . . . . . . . . . . .
5.3 Period of Validity of the Product Maintenance/Support
5.4 Extension of the Product Maintenance . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
19
19
22
22
22
6 Utilizing gpg4o
6.1 Sending Public Keys . . . . . . . . . . . . . . . . . . .
6.2 Importing Public Keys . . . . . . . . . . . . . . . . . .
6.3 Sending Encrypted and/or Signed Messages . . . . .
6.3.1 Manual assignment of keys . . . . . . . . . . .
6.3.2 Virtual Accounts . . . . . . . . . . . . . . . . .
6.4 Receiving of Encrypted and/or Signed Messages . . .
6.5 Sending and Receiving Encrypted Attachments . . . .
6.6 Reply/Forwarding of emails in Outlook 2013 onwards .
6.7 Printing Encrypted Messages . . . . . . . . . . . . . .
6.8 Permanent Decrypted Saving . . . . . . . . . . . . . .
6.9 Hide Send Options . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
24
24
25
26
28
30
30
32
32
33
33
34
7 Key Management
7.1 General Information Regarding Keys
7.2 Overview . . . . . . . . . . . . . . .
7.3 Modifying View . . . . . . . . . . . .
7.4 Filtering Keys . . . . . . . . . . . . .
7.5 Generating New Keys . . . . . . . .
7.6 Deleting Keys . . . . . . . . . . . . .
7.7 Enabling/Disabling Keys . . . . . . .
7.8 Exporting Keys . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
35
35
35
36
37
37
38
38
39
version 3.5
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
1
Table of Contents
7.9 Importing Keys . . . . . . . . . . .
7.10 Key Details . . . . . . . . . . . . .
7.10.1 Summary . . . . . . . . . .
7.10.2 Private Key . . . . . . . . .
7.10.3 Identities/Signing . . . . . .
7.10.4 Public Key . . . . . . . . . .
7.10.5 Define Owner Trust . . . .
7.11 Utilization of Keyservers . . . . . .
7.12 Generating Revocation Certificate
7.13 Applying Revocation Certificate . .
.
.
.
.
.
.
.
.
.
.
39
41
42
43
44
45
46
47
49
50
8 Sending Rules
8.1 Management of Sending Rules . . . . . . . . . . . . . . . . . . . . . . . . . .
8.2 Rule Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
52
52
53
9 Settings
9.1 View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9.1.1 Language . . . . . . . . . . . . . . . . . . . . . . . . . .
9.1.2 Encryption Status . . . . . . . . . . . . . . . . . . . . .
9.1.3 Send Options . . . . . . . . . . . . . . . . . . . . . . . .
9.1.4 Messages . . . . . . . . . . . . . . . . . . . . . . . . . .
9.2 GnuPG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9.2.1 Path to gpg.exe/gpg2.exe . . . . . . . . . . . . . . . . .
9.2.2 GnuPG Version Checking . . . . . . . . . . . . . . . . .
9.2.3 GnuPG Directory . . . . . . . . . . . . . . . . . . . . . .
9.2.4 GnuPG Agent . . . . . . . . . . . . . . . . . . . . . . . .
9.2.5 Buffering of the Passphrase . . . . . . . . . . . . . . . .
9.3 Account Management . . . . . . . . . . . . . . . . . . . . . . .
9.4 Settings for Sending and Receiving . . . . . . . . . . . . . . . .
9.4.1 Domain Based Key Search . . . . . . . . . . . . . . . .
9.4.2 Attachment Send Options . . . . . . . . . . . . . . . . .
9.4.3 Public Folder . . . . . . . . . . . . . . . . . . . . . . . .
9.5 Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9.6 Keyserver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9.6.1 Keyserver . . . . . . . . . . . . . . . . . . . . . . . . . .
9.6.2 Autoimport . . . . . . . . . . . . . . . . . . . . . . . . .
9.7 Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9.8 System Information . . . . . . . . . . . . . . . . . . . . . . . . .
9.9 Extended Settings . . . . . . . . . . . . . . . . . . . . . . . . .
9.9.1 Always treat all keys as valid . . . . . . . . . . . . . . .
9.9.2 Insert GnuPG and gpg4o information in outgoing emails
9.9.3 Advanced signature check activation . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
56
56
56
56
57
57
57
58
58
59
59
59
59
61
61
62
62
62
64
65
65
65
67
67
67
68
69
10 Miscellaneous
10.1 What Is to Be Done in Case of Errors? . . . . . . . . . . . . . . . . . . . . . .
10.2 gpg4o does not Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10.2.1 Disabled Application Add-ins . . . . . . . . . . . . . . . . . . . . . . .
70
70
70
71
2
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
version 3.5
Table of Contents
10.2.2 COM-Add-Ins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
R
R
10.2.3 Microsoft Outlook 2013
and Outlook 2016
. . . . . . . . . . . . .
71
71
11 Help Center
11.1 Sending Log-Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
11.2 Contents of Log-Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
73
73
74
12 Uninstalling
12.1 Delete personal Data . . . . . . . . . . . . . . . . .
12.1.1 GnuPG Directory . . . . . . . . . . . . . . .
12.1.2 gpg4o User Directory . . . . . . . . . . . .
R
12.1.3 Microsoft Outlook
Configuration Directory
12.2 Uninstalling under Windows Vista, 7, 8 or 10 . . .
12.3 Uninstalling GnuPG . . . . . . . . . . . . . . . . .
75
75
75
75
75
75
75
13 Contact & Information
version 3.5
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
77
3
1 General
1 General
gpg4o – GPG for Outlook
R
R
, Microsoft Outlook 2013
gpg4o was developed as an add-in for Microsoft Outlook 2010
R
and Microsoft Outlook 2016
and is supported by the 32- as well as by the 64-bit version.
gpg4o assures a safe electronic communication by encrypting and decrypting emails and
their file attachments. Of course, signing and verifying is also possible.
The integrated key management by gpg4o provides the simple and uncomplicated handling
of public keys.
The validity of external keys is verified by means of the Web of Trust function. For this
purpose information of known key owners is used.
4
version 3.5
2 System Requirements
2 System Requirements
In order to be able to utilize gpg4o, your system must fulfill at least the following requirements:
Operating System:
•
•
•
•
Microsoft Windows Vista from SP1 onwards
Microsoft Windows 7
Microsoft Windows 8.x
Microsoft Windows 10
Email program:
R
• Microsoft Outlook 2010
32- or 64-bit version
• Microsoft Outlook 2013 R 32- or 64-bit version
R
• Microsoft Outlook 2016
32- or 64-bit version
GnuPG
• GnuPG 1.4, Version 1.4.19 onwards
• GnuPG 2.0, Version 2.0.29 onwards
• GnuPG 2.1, currently not supported
version 3.5
5
3 Functional Range
3 Functional Range
3.1 Versions Functional Range Comparison
Function
Encrypt, decrypt, sign emails
Simultaneously usable email accounts
Private/commercial use
HTML emails
„Plain-Text“ emails
Display of PGP/MIME emails
Individual sending rules
Decrypted saving of emails
Period support
Period update
Period usability
Test Version
Home &
Student Version
Full version
1
/
optional
/
optional
/
45 days 1
45 days 1
45 days 1
1 year 2
1 year 2
unlimited
1 year 2
1 year 2
unlimited
Supported mail servers
Microsoft Exchange
POP3
IMAP
Outlook.com
Hotmail.com
Supported software
Outlook versions until 2007
Outlook 2010, 32/64 bit
Outlook 2013, 32/64 bit
Outlook 2016, 32/64 Bit
Windows Vista from SP1 onwards, 32 bit
Windows 7, 32/64 Bit
Windows 8.x, 32/64 Bit
Windows 10, 32/64 Bit
Compatible with DATEV installations
1
Extension of the test period is possible on request
2
Depending on the duration of product maintenance (1 year after purchase, afterwards
extensible by purchasing an extension of product maintenance: +1 year, +3 years or +5
years)
6
version 3.5
3 Functional Range
3.2 After the expiration of the product maintenance
3.2.1 Trial version
You can only decrypt emails which were received during the test period. Emails can no
longer be sent encrypted / signed.
3.2.2 Home & Student Version and Full Version
When the product maintenance has expired gpg4o can still be used. That means that you
can continue to send encrypted / signed emails and read encrypted / signed emails. It is
simply no longer possible for you to install new updates or to make use of the support.
3.3 PGP/MIME
gpg4o can send and receive plain text messages and HTML emails as PGP/Inline. In addition PGP/MIME emails can be received and decrypted. It’s also possible to verify PGP/MIME
(„detached signature“) signed emails.
version 3.5
7
4 Installation
4 Installation
4.1 Software
The latest download version of gpg4o can be found at:
http://www.giepa.de/produkte/gpg4o/downloads/
For the use of gpg4o GnuPG is required. You may have GnuPG 1.4 installed during the
first configuration of gpg4o.
Information and the source code of GnuPG can be found at:
http://www.gnupg.org/
The General Public License (GPL) can be found at:
www.gnu.org/licenses/gpl.html
4.2 Installing gpg4o
For the installation you need administrative privileges. Before installing gpg4o please close
R
the application Microsoft Outlook
, as otherwise, there might be problems during installation. Having done this, execute the file „gpg4o_setup.exe“ by double-clicking it.
In the following start-dialog you will be asked to set the installation path. Here the default
setting is normally the best choice. Confirm the installation path by clicking on „NEXT“.
8
version 3.5
4 Installation
In the following dialog you will see the End-User License Agreement. Once you have decided to accept the License Agreement (precondition for the installation), select the radiobutton next to „I accept the terms of the license agreement“ and click „INSTALL“ to
continue the installation.
version 3.5
9
4 Installation
The installation will start now. In doing so, the presence of all required components (for
example .NET Framework 4) is checked. Missing components will then automatically be
installed. As soon as all the necessary components have been installed, the wizard will
continue installing gpg4o.
10
version 3.5
4 Installation
Now the installation of gpg4o is completed. You can start the configuration of gpg4o by
R
restarting Microsoft Outlook
.
version 3.5
11
4 Installation
4.3 Configuring gpg4o
R
Start Microsoft Outlook
now in order to begin the configuration of your new software. The
configuration wizard appears which will help you to set up gpg4o.
In addition you have the possibility of changing the language of gpg4o. Once you have
selected your language, click „Start“ in order to begin the configuration.
12
version 3.5
4 Installation
On the second page of the configuration wizard the required component GnuPG will now
be configured.
View when no valid GnuPG installation could be found.
If GnuPG is already installed on your computer, the path will automatically be entered and
highlighted green. If the installation path of GnuPG cannot be found, the selection will be
highlighted reddish. In this case click „Search“, search on your hard disk for the GnuPG
installation and select the file „gpg.exe“ or „gpg2.exe“ in the GnuPG installation folder.
The installation path should now be highlighted green.
You can also download GnuPG from the Internet and have it installed. For this purpose, click
„Download and install GnuPG“. A folder selection will appear. Please select a directory
version 3.5
13
4 Installation
where GnuPG shall be installed.
Hint:
Please make sure that the directory where GnuPG shall be installed is
empty.
After a successful installation the path will be automatically applied into the settings and you
may continue the configuration.
Alternatively, you can import a backup of gpg4o here (see paragraph 9.7).
Next you will be asked for which email account you want to install gpg4o. This page only
R
appears if you have configured more than one email account in Microsoft Outlook
.
Select the account with which you want to utilize gpg4o. Having done this click „Next >“.
14
version 3.5
4 Installation
Hint:
Further accounts can be configured subsequently in the settings of
gpg4o.
If you have already applied GnuPG before you can now select an existing keypair with which
gpg4o shall sign messages.
If you do not yet have a keypair or if you want to generate a new keypair the page „New
Keypair“ will directly appear instead.
In order to generate a new keypair enter your name first, as shown in the screenshot above,
as well as a passphrase. After having filled all required fields, click „Generate“ and your
new keypair will be generated.
version 3.5
15
4 Installation
If you want to make further settings for your new keypair you can call an advanced dialog
with additional configuration possibilities by clicking „Advanced...“.
Alternatively, you have the possibility of importing a keypair which you have already generated in the past. For this purpose, click „Import...“.
In the advanced settings you may influence the algorithms and the length of the key. The
default setting, however, already offers maximum safety.
Moreover, you can define an expiration date for the key. After this period the key can no
longer be utilized in order to sign or encrypt messages. Decrypting, however, will remain
unaffected.
It is also possible to provisionally generate a revocation certificate if your key gets lost.
You should keep this certificate safe as it is the only possibility to invalidate your key (see
paragraph 7.12).
Last you may also export the keypair. This data backup should be kept very safe. Please
16
version 3.5
4 Installation
mind that the exported keypair may only be utilized with the passphrase which was entered
during generation.
Finally, you will find a brief summary which email account was configured with which keypair
as well as the GnuPG version you utilize.
If you leave the checkmark with „Send testmail“ an encrypted test message will be sent
to you automatically with which you can check the configuration of gpg4o as soon as you
have clicked „Finish“.
After a successful installation you will see a new tab named „gpg4o - GPG for Outlook“, if
R
you look at the menu ribbon in Microsoft Outlook
. Here, you will find the key management,
sending rules and the possibility of modifying your settings.
4.3.1 Information about gpg4o
For more information to gpg4o, please click on „gpg4o-Help“ and „About gpg4o“. In the
following window, you can see information to your license and information to the currently
version 3.5
17
4 Installation
installed version.
18
version 3.5
5 Licence-Files
5 Licence-Files
5.1 Generating and Importing License-Files
After having processed the online-ordering of gpg4o you can manage your licenses via our
web interface (https://licmgmt.giepa.de/). For login you utilize the same access data that
you use in our shop.
In the following menu you can see a summary of your licenses. You can see how many
licenses are at your disposal altogether and how many of them are already utilized or which
of them are still available.
Moreover, you can see the date until which updates will be placed at your disposal.
In order to make alterations to your licensing, click the pen-symbol „Edit“.
version 3.5
19
5 Licence-Files
Now enter the email address you desire. In order to be able to enter several email addresses
at once, separate them from each other with a new line. Email addresses which have already
been entered can be individually adapted via the buttons „Edit“ and „Delete“.
20
version 3.5
5 Licence-Files
Subsequently, you can choose whether you want to download the license file directly or
whether you want to have it sent by email. Alternatively, you can also define by checkmarks to which email addresses the license shall be sent. Here, you can select individual
addresses or all addresses.
R
Now you can import the license. For this purpose open Microsoft Outlook
and choose
„gpg4o – GPG for Outlook“ in the ribbon. There click the button „gpg4o-Help“ and
„About gpg4o“. In the information window appearing now click on „Import license“. A file
selection dialog will appear. Browse to your license and choose „Open“. Now, your license
file is imported and a corresponding message will appear which you can confirm by clicking
„OK“.
It is also possible to import the license file once you have received it by email as file attach-
version 3.5
21
5 Licence-Files
ment. For this purpose click the right mouse button on the file attachment and choose the
item „Import license for gpg4o“ in the context menu.
5.2 Period of Validity of the License
The license of gpg4o entitles you to the unlimited use of gpg4o with the licensed email
address. The period of validity of the license starts with the first download of the license file.
gpg4o is licensed for each real person. Therefore, gpg4o also works with only one license
at several computers as well as with further email addresses within the same installation, as
R
long as the licensed email address is configured within Microsoft Outlook
.
5.3 Period of Validity of the Product Maintenance/Support
During the period of validity of the product maintenance/support you will receive product
updates with numerous new functions of gpg4o. Furthermore, you have the possibility to
make use of the support via email „[email protected]“ in case of questions or
problems.
If the period of validity of the product maintenance/support has elapsed gpg4o can still
be used. That means that you can continue to send encrypted/signed emails and read
encrypted/signed emails as well. However, you do not have the possibility any longer to
install new updates and to contact the support.
5.4 Extension of the Product Maintenance
The team of developers of gpg4o permanently improve the program and integrate customers’ suggestions into new versions. With an extension of the product maintenance you
may obtain new versions of gpg4o which were published after expiration of your product
maintenance/support. In addition, you also extend the possibility of contacting the support
via email. The period of validity of the product maintenance/support is extended by the
number of purchased years of extension. Thus, the expiration date of the product maintenance/support is extended by the purchased years.
Example 1:
Original expiration date: 1st April 2015
On 1st February 2015 you purchase an extension of one year, in the first year after having
bought gpg4o.
Expiration date after having bought the extension: 1st April 2016
Example 2:
Original expiration date: 1st April 2015
On 1st June 2015, after expiration of the product maintenance, you purchase an extension
of one year.
Expiration date after the purchase of the extension: 1st April 2016
Here, you have a loss of 2 months of support and update.
22
version 3.5
5 Licence-Files
Hint:
version 3.5
After having purchased an extension this new, modified license file will
have to be imported once into gpg4o.
23
6 Utilizing gpg4o
6 Utilizing gpg4o
After having configured gpg4o and after having generated corresponding keypairs for your
email accounts you will now have to send your public key to your communication partners.
A keypair consists of two keys: One private-key and one public-key. When generating the
keypair you were asked to enter a passphrase for the keypair.
Attention:
Never pass your passphrase or your private key to another person! Each
person coming into possession of your private key will be able to decrypt
your emails and to sign new messages with your name.
You should keep the passphrase as safe as your other passwords and
never tell it to anyone else.
The following brief example shows the general application of gpg4o:
Person A wants to make encrypted communication with person B. He therefore sends an
email with his public key to person B and asks for his public key. This key exchange has to
be done once for every contact partner.
Person B is now in possession of person A’s public key and is therefore immediately able to
send an encrypted answer. Person B will now answer the demand, attaching his public key
and encrypting the answer with person A’s public key.
Person A then receives person B’s encrypted email and decrypts said email with his own
private key. Person A imports person B’s public key and is now also able to encrypt to person
B.
Hint:
In order to be able to still read the emails sent by oneself, the own public
key is always utilized to encrypt emails.
6.1 Sending Public Keys
In order to permit sending you encrypted emails you will have to distribute your public key to
those persons which whom you intend to write encrypted messages in the future.
For this purpose you are kindly asked to generate a new email and to click the button below
„Attach my public key“. In doing so, your public key will be enclosed with this email as
attachment. If desired, place a checkmark in the button „Sign“ in order to digitally sign
your email. If your communication partner has already imported your public key it is not
necessary to send the key another time.
24
version 3.5
6 Utilizing gpg4o
Please keep in mind that when directly sending emails, the standard options you have chosen will be utilized unless you have defined sending rules (see paragraph 8).
Hint:
Pay attention whenever you are sending emails wether they should be
encrypted or not.
The public key can be imported by all current encryption tools, which support the OpenPGPstandard. It only comprises the public part of the keypair, not the private one.
6.2 Importing Public Keys
If your communication partner sends you a key as an attachment of an email you may click
the right mouse button and click the entry „Import public key“ in the appearing context
menu in order to import the key to your key management.
version 3.5
25
6 Utilizing gpg4o
Alternatively, you have the possibility in the key management to import the key from a keyserver (see paragraph 7.11).
As soon as you have imported the public key you can send encrypted messages to this
person and also verify signatures of his emails. This exchange of the public key must be
made once with every communication partner with whom you intend to exchange encrypted
emails.
6.3 Sending Encrypted and/or Signed Messages
You can now send encrypted and/or signed emails. In order to guarantee the best possible compatibility with all current email programs you should write your emails in Plain-Text
format. Of course, you also have the possibility of sending emails in HTML format. A corresponding selection possibility will appear as soon as you choose the option „Encrypt“ or
„Sign“.
If you want to define your selection as default you will have to enable the checkmark „Don’t
ask me again“.
26
version 3.5
6 Utilizing gpg4o
Hint:
In the account settings (see paragraph 9.3) you can reset this option.
If you write an email the gpg4o send options will be displayed to you under the menu ribbon.
Here, you can define whether your emails shall be encrypted and/or signed and whether your public
key shall be attached to the email.
Before sending an email enable the button „Sign“, if you want to send it signed or „Encrypt“, if you want to send it encrypted. If you enable both buttons your email will be sent
encrypted and signed.
Please also pay attention to the status „Encrypt (only attachments)“, which is selected by
pressing the button „Encrypt“ again. This status can also be combined with „Sign“, in this
case, however, the message will only be signed while the attachments will be encrypted and
signed.
Furthermore, the send options will show you whether you have all required public keys for
the recipients of the email. However, this will only be done if the send options „Encrypt“ or
„Encrypt (only attachments)“ are active.
If all public keys for the entered recipients are available this will be symbolized by a green
key in the send options bar. If you do not have all public keys this will be shown to you by
means of a red key.
If you have entered a keyserver in the setting „Autoimport“ (see paragraph 9.6.2) the
version 3.5
27
6 Utilizing gpg4o
missing keys will be searched on the indicated server and will be imported automatically
into your keyring.
After having written the message completely and having selected the send options, click
„Send“ as usual. If there are problems when sending the email (like unusable keys) you will
be notified by gpg4o.
If you have selected the message to be sent signed you will now be asked to enter your
passphrase. For this purpose please use the passphrase which you have selected for your
key during the configuration of gpg4o.
Hint:
For all actions requiring the utilization of your private key you will be asked
for your passphrase. If you permit gpg4o to remember the passphrase
you will only be asked for it again if the indicated period of time has
elapsed since the last utilization of the private key.
Actions requiring the private key are as follows:
•
•
•
•
•
•
Signing messages, attachments or keys
Decrypting of messages and attachments
Generating revocation certificates
Modification of the passphrase
Adding Identities
Setting the primary Identity
6.3.1 Manual assignment of keys
While composing an encrypted email it will be shown, if there is a appropriate key available
for every recipient. If there is an autoimport-keyserver configured, it will be used to search
for missing keys and if a suitable key was found, it will be imported automatically.
If no appropriate key was found, neither in your keyring nor the keyserver, this will be shown
with a red key in the send options panel. If this key is green, then the appropriate key for
every recipient could be determined.
28
version 3.5
6 Utilizing gpg4o
With a click on the key symbol or on the text alongside the symbol, the key selection dialog will be opened. Here you are now able to assign a specific key to a specific recipient
manually.
Here the background of the email addresses is colored according to the following system:
• Green: An appropriate key is available
• Yellow: There are at least two appropriate keys available
• Red: No appropriate key available
Now you can assign one or more keys to the different email addresses.
If each email address has been given a key and none of the lines are marked red or yellow,
you can close the Dialog by clicking the button „OK“. The email can now be encrypted and
sent.
version 3.5
29
6 Utilizing gpg4o
6.3.2 Virtual Accounts
While composing a new email you can select from which account you want to send your
email, by clicking on the „From“ button. For every email address listed there, gpg4o will
create a virtual account. This virtual account can be configured in your settings by opening
the account management. (see paragraph 9.3) Therefore you are able to use gpg4o for
every single virtual account.
Hint:
If an email address is deleted inside the „From“ field, the corresponding
virtual account will be deleted.
6.4 Receiving of Encrypted and/or Signed Messages
If you receive an encrypted and/or signed email another pane will be shown below the
reading pane. Here, you can now read the emails decrypted or without signature blocks.
30
version 3.5
6 Utilizing gpg4o
1. Decrypted attachment and public key of Mr. Doe
2. Actions and decryption status
• Save email decrypted
• Print preview
• Signed
• Encrypted / Forget cached passphrase
The symbols signalize whether the email was received as encrypted or signed email. Here
certain actions (see 2) are at your disposal. For example you may save the message permanently decrypted or open the print preview of the decrypted message (see paragraph 6.7).
For this purpose simply click the corresponding symbol.
The colored box on the left shows information about the validity of the signature and status
of the encryption.
Three colors are used to be able to see the status faster:
• Green means that the email was correctly encrypted. If the email was also signed, this
color shows that the body and attachment were not changed in the sending process.
• Turquoise means that the signed key is unknown or the key has not been validated/signed. (see section 7.10.3)
• Red means that the email could not be decrypted or the message and/or your attachments have been changed during the exchange.
• Yellow means that the senders address could not be found in the identities of the key.
version 3.5
31
6 Utilizing gpg4o
Not only does gpg4o check if the message has been changed, but also if the email of the
sender fits to the signed key. This check compares the email address of the sender and the
identities of the signing key.
If the senders address is not in the identities of the signing key, then the status display is
highlighted in yellow.
6.5 Sending and Receiving Encrypted Attachments
As soon as you send an encrypted email which contains an attachment gpg4o will do the
rest for you quite automatically. You can attach files to your emails as normal without having to worry about the details. As soon as the check mark is placed with „Encrypt“ all
attachments will be encrypted as well in addition to the text of the email.
If you have received an encrypted email with attachment you can either save the encrypted
attachment or open it directly. For this purpose the context menu (Click right mouse button
on the attachment) offers you the options „Preview“, „Open“, „Save as...“ and „Save all
attachments...“.
Alternatively, you may also save the attachment in a folder by drag and drop.
With the option „Preview“ or with a simple click on the attachment it will be shown in the
R
display as you know it from Microsoft Outlook
.
6.6 Reply/Forwarding of emails in Outlook 2013 onwards
R
If you want to answer or forward an encrypted email in Microsoft Outlook 2013
or Outlook
R
2016 , the answer to be written will not open in a window of its own by default. Thus, there
will not be all functions of gpg4o at your disposal. In order to be able to make use of all
functions the email has to get a window of its own. If this occurs gpg4o will point it out to
32
version 3.5
6 Utilizing gpg4o
you.
If you do not want to be informed of this fact again place the check mark with „Do not
remind me again“. Via the button „OK“ you continue the action.
6.7 Printing Encrypted Messages
For printing an encrypted message, said message has to be decrypted before (see paragraph 6.4).
Having done that you have two possibilities of printing your decrypted message. If you have
your reading pane on the right side you can print the email by clicking the symbol „Print
preview“.
Otherwise you can also open the email by double-click and print it there as usual with the
button combination Ctrl+P or by clicking „File“ and then „Print“.
Hint:
In the test version printing of encrypted messages is not possible via the
button shown above.
6.8 Permanent Decrypted Saving
For simpler archiving gpg4o also offers the possibility to save messages with permanent
decryption.
For this purpose click the symbol „Save email decrypted“ in the reading pane of gpg4o.
Attention:
version 3.5
If the email is still located in a synchronized folder the message will become also readable on the server. You should therefore utilize this function with corresponding care. Please note that this feature is not available
in an Home & Student Version.
33
6 Utilizing gpg4o
6.9 Hide Send Options
In order to put more space at your disposal for the email editor you can fold up the send
options or hide them completely.
If gpg4o is enabled for utilization with an account you can fold up the send options via the
button with the arrow in the right upper corner of the send options bar and also fold it down
again.
The send options remember the last state so that when creating another email they will be
displayed to you in the same way as before.
If the account is not configured for utilization with gpg4o a button will be shown instead of
the arrow with an „X“. If you click on it the send options will not be shown any longer in the
future in case of inactive accounts.
You can undo this in the settings on the page „View“ (see paragraph 9.1.3).
34
version 3.5
7 Key Management
7 Key Management
With the key management of gpg4o you can manage the keys generated or imported by
you. You can also look at all key details, generate new keys, revoke old keys, delete and
much more.
7.1 General Information Regarding Keys
As we often use some OpenPGP-specific terms we would first of all like to give you a brief
explanation of those terms.
Every „Keypair“ consists of a private and a public key. The public key is calculated from the
private key, inversely, however, this is not possible. That is why you as a key owner always
own the public and the private key, your communication partners, however, only have your
public key.
Your communication partners encrypt messages to you with your public key. You then decrypt them again with the private key. For signatures the principle is exactly the other way
around. You sign a message with your private key, the recipient checks the signature with
your public key.
In addition, every key comprises one „Primary key“ and an optional number of „Subkeys“. If you generate a key with gpg4o one subkey will always be generated as well,
other OpenPGP applications, however, can generate a much greater number of subkeys.
In gpg4o they will only be indicated for the sake of completeness, for you as a user, they
actually have hardly any importance.
Furthermore, a key is provided with one or more „User-IDs“ which corresponds to a description of the key which can be read by human beings. Such a User-ID usually consists
of the owner’s complete name and his email address. As one key may have more than one
User-IDs it can also be utilized for more than one email address.
7.2 Overview
In order to open the key management of gpg4o please click „gpg4o - GPG for Outlook“
R
in the menu ribbon of Microsoft Outlook
and then „Key management“.
version 3.5
35
7 Key Management
In the overview you can see all the keys which are contained in your keyring. Here, your
own keys as well as imported keys will be displayed to you.
Most actions can be performed in several ways. The two most important methods for performing an action are the menu ribbon in the upper section of the key management and the
context menu which you get to when clicking the right mouse button on the selected key(s).
Furthermore, many actions can also be applied simultaneously for more than one keys. To
this end simply select several keys with the button Ctrl and select or deselect further keys.
7.3 Modifying View
In the menu ribbon of the key management you can set via „View“ which columns you want
to show or hide, respectively.
36
version 3.5
7 Key Management
Moreover, the columns can be sorted. If you want to sort the view by means of a column,
simply click the column title. Every further click on the same column reverses the sorting.
7.4 Filtering Keys
In addition, you have the possibility of filtering the view. For this purpose enter a search
term into the field „Search key in you local keyring...“ in order to show only suitable keys.
Such a search term may be an email address or a name for example or only a part of it.
7.5 Generating New Keys
In order to generate another keypair, please click the option „New key“ in the menu ribbon
„Start“. In the dialog appearing then please enter the required data as you have already
done when configuring gpg4o.
version 3.5
37
7 Key Management
If you want to set further options such as the expire date for the new key please click „Advanced settings“. As soon as you have entered all required data, click „Generate“.
Hint:
The generation of the keypair may take a little time.
7.6 Deleting Keys
In order to delete a key you have to select it and choose the option „Delete key“ in the
menu ribbon „Start“. Alternatively, you can press the button „Delete“.
Attention:
Please mind that the deletion of a key is irreversible. However, you can
import a key again which you have exported before.
Hint:
If you delete a keypair, the private as well as the public key will be deleted.
If the keypair to be deleted is stored in the gpg4o settings of an account
this setting becomes invalid. In this case gpg4o will open the settings
dialog after deletion in order to permit you the selection of another keypair.
7.7 Enabling/Disabling Keys
If you disable a key it will not be used for encrypting any longer. This makes sense, if you
have more than one public key for the same email address of one contact if, however, you
only utilize one of the public keys for encrypting. All further actions will remain unaffected.
For disabling one or several keys you select them and click in the menu ribbon on the button
„Disable key“. Contrarily, you can enable those keys again which you have disabled before
by means of the button „Enable key“.
38
version 3.5
7 Key Management
Hint:
If the keypair to be disabled is stored in the gpg4o settings for one account this setting will become invalid. In this case gpg4o will open the
settings dialog after disabling in order to let you select another keypair.
7.8 Exporting Keys
Apart from the sending of your own public key (see paragraph 6.1) you can export your own
keys or those of your contacts, respectively, here in the key management, too.
Choose the key(s) you want to export and click on „Export key“ in the menu. You can
export the key(s) into the file system or into the clipboard.
An export into the file system is logical if you want to transfer the key(s) to another computer
or onto your smartphone.
You will be asked where you want to save the key if you have selected „Export key to
file...“. As soon as you have selected a folder where the key should saved, please click on
„OK“.
Copying to clipboard is useful if you want to use the key(s) in a different program, website,
or article on the internet without having to use a separate file.
If you have selected „Export key to clipboard“, the keys are copied to the Windows clipboard and you can paste the keys into any textfield by pressing Ctrl-V.
7.9 Importing Keys
You can also import a key into the key management. To do this, click on the button „Import
key“ in the menu and choose the option „Import key from file...“ or „Import key from
clipboard“.
version 3.5
39
7 Key Management
Public keys can be published on websites in text form. To import these keys into your own
key ring, highlight the text and copy it with Ctrl-C. Afterwards, you can easily import the key
with „Import key from clipboard“ and use it.
If you have selected „Import key from file...“, a dialog will appear in which you can choose
a key file to import. The selected key will be imported when you click „OK“.
Tip:
You can also import keys from the file system per drag and drop.
If one of the keys to be imported was issued for an email address for which you have already
imported a key, you will be asked again as a precaution whether you want to disable the
already existing key before importing the new one.
If the same key is concerned you do not need to have any more worries as differences
between the keys will be automatically consolidated.
Afterwards, a summary will appear of the keys to be imported containing all necessary
information.
40
version 3.5
7 Key Management
Here, you can still exclude individual keys from being imported if necessary by clicking the
right mouse button on the key to be excluded and by clicking „Remove from selection“.
You can also determine the owner trust for the key to be imported (see paragraph 7.10.5).
For this purpose click the menu item „Owner trust“ first and select the new owner trust for
the keys there.
In order to finish the import of the key(s) click „Finish“.
7.10 Key Details
In order to look at one or more keys in detail you can click „Show details“ in the menu ribbon
„Start“ or you press the right mouse button on the selected key(s) and click „Details...“ in
the context menu.
version 3.5
41
7 Key Management
The key details have been subdivided into several sections which are listed on the left side
in the menu. The section „Private“ is only visible for keypairs. In order to change to another
section simply click the name of the section.
7.10.1 Summary
On the summary page you can see the most important information with regard to the selected key. The „Key-ID“ and the „Fingerprint“ identify the key, the Key-ID being a short
form of the fingerprint. The fingerprint should be synchronized during the exchange of the
keys, best by telephone (see paragraph 7.10.3).
42
version 3.5
7 Key Management
Additionally, the „Owner Trust“ and the „Key Validity“ are indicated. You can define the
owner trust yourself (see paragraph 7.10.5), the key validity will be determined by means of
already existing signatures and the owner trust of the signee.
The term „Key Validity“ means whether a key has been identified as valid by own signatures or by those of trusted keys. Here, the „Web of Trust“ also plays an important part.
A key is valid if it
• Was signed by one of your own keys
• Was signed by another key owner whom you trust fully
• Was signed by at least 3 other key owners whom you trust marginally
7.10.2 Private Key
If you open the section „Private“ in the details of a keypair, you can modify the passphrase
of the key, generate a revocation certificate or backup the complete keypair.
Attention:
version 3.5
You should never give the data backup with your private key or the revocation certificate to anyone else.
43
7 Key Management
7.10.3 Identities/Signing
In this area, all of the identities (User-IDs) for the given key are displayed. For key pairs,
you can add an identity or choose a main identity. Furthermore, you can confirm an identity
(sign) and hereby validate it in case you have disabled the option „Always treat all keys as
valid“. (see paragraph 9.9.1)
To give a new identity a key pair, click on „Add Identity...“ and enter the name and email
address for the identity. Clicking on „OK“ creates a new identity for the key.
If you have disabled „Always treat all keys as valid“ in the options, or want to validate a
public key and all of its identities, click on the button „Confirm/Sign All Identities...“
44
version 3.5
7 Key Management
Afterwards, indicate how sure you are about the authenticity of the signed key. With this selection, the strength of the signature is determined. Clicking on „OK“ will apply the signature
of the key.
Hint:
To be sure that the key belongs to the given person, you should compare
the fingerprint. This is best done by phone, since emails can be faked by
„Man-in-the-Middle“ attacks.
All programs that work with GnuPG show the primary identity of a key. You can change
the primary identity of the key to the currently selected identity by clicking „Set as Primary
Identity...“. The selected identity will be the primary identity from there on.
7.10.4 Public Key
On this page possibilities of how to distribute your public key have been placed at your
disposal.
version 3.5
45
7 Key Management
You can send your public key as an attachment to a new email or upload it to a keyserver
from where it can be imported by your contact partners. Moreover, you have the possibility
of exporting the public key as a file on your computer or a removable medium such as a
USB-stick.
Tip:
All those functions are also directly available to you in the overview by
pressing the right mouse button on a key.
7.10.5 Define Owner Trust
By means of the owner trust you can define how much you trust your contacts to sign foreign
keys and to classify them to be true. This permits to determine the key validity of other keys
on the basis of its signatures. If another key was signed by the issuer of the key the owner
trust of whom you set here, this will have direct influence on the key validity of the other key.
This principle is called „Web of Trust“. In this connection also consider paragraph 7.10.1.
46
version 3.5
7 Key Management
There are several selection possibilities at your disposal in order to define the trust in this
contact. You should however only choose the option „I have complete trust in the owner“
for own keys as this option will have another influence on the key validity as it is not intended
for foreign keys.
The level of trust indicated by you remains a secret of GnuPG and will, with the exception
of the integrated backup function, never be exported or transmitted to anyone else.
Tip:
You can also modify the owner trust directly by clicking the right mouse
button on a key in the overview.
7.11 Utilization of Keyservers
In addition to the possibilities to send keys per email, described in the paragraphs 6.1 and
6.2 you can also upload your public key on a keyserver in the Internet and from there also
import public keys of your communication partners.
For this purpose go back to the overview of the key management and select your key.
Change to the tab „Keyserver“ in the menu ribbon and select the keyserver on which you
want to upload your key.
version 3.5
47
7 Key Management
Click the button „Publish on keyserver“ then in order to upload the currently selected
key(s). Now you only have to inform your communication partner of the selected keyserver
so that he will be able to import your public key from there.
For importing a key from a keyserver you can enter your communication partner’s name or
key-ID in the search field in the lower section of the key management.
If the searched key is found you can select it and import it via the button „Import from
keyserver“.
48
version 3.5
7 Key Management
Tip:
You can also import the key via a click on the right mouse button on the
key which has been found or by holding the pressed left mouse button
and drawing the key into the above list.
7.12 Generating Revocation Certificate
With a revocation certificate a key can be permanently and irrevocably declared invalid. With
a public key declared invalid your communication partners can no longer write encrypted
emails to you. This makes sense for example for the case that another person has taken
possession of your private key and, thus, it cannot be secured any longer that emails signed
with it have actually been generated by you.
For generating a revocation certificate please choose the corresponding key in the overview
of the key management. Then select the button „Generate revocation certificate“ via the
menu ribbon in the tab „Revocation certificate“.
You will be asked for the reason why you want to generate a revocation certificate and can
furthermore write a comment on it specifying the reason or furnishing additional information.
This can be for example the key-ID of the new key which your contact partners shall utilize
afterwards.
version 3.5
49
7 Key Management
After having entered the reason click „OK“ and indicate the folder where the revocation
certificate shall be saved.
7.13 Applying Revocation Certificate
For the revocation of a key select it first and then go to „Apply revocation certificate“ in
the tab „Revocation certificate“ in the menu ribbon of the key management.
50
version 3.5
7 Key Management
Select the revocation certificate in the appearing file selection dialog and afterwards click
„Open“.
First, check the information of the revocation certificate. If you are sure that you want to
apply the revocation certificate place a checkmark with „Apply this certificate“ and click
„Revoke“ then.
Attention:
version 3.5
By revoking the key is made permanently unusable! In addition, the public
key is updated and must therefore be distributed to your communication
partners. If you have published the key on a keyserver too, you will have
to upload the updated key again.
51
8 Sending Rules
8 Sending Rules
In order to prevent you from having to manually select the settings for encrypting and signing
for each of your emails, sending rules have been provided in gpg4o performing this task for
you.
8.1 Management of Sending Rules
In the overview of the sending rules you have the possibility of sorting and testing your
existing rules without any influence on the rule evaluation.
For that click the item „Sending rules“ in the menu ribbon „gpg4o - GPG for Outlook“.
For generating a new rule click the button „Add...“ in the overview.
In the field „Rulename“ you enter an expressive name for this new rule. Having done
52
version 3.5
8 Sending Rules
that, complete the conditions. When working out the conditions take care to make them as
specifically as possible in order to avoid later conflicts.
Afterwards, you select the encrypting options to be utilized and the recipient’s public keys.
The keys will be utilized later for encrypting when sending the email if the rule is applied.
If you want gpg4o to select the appropriate key for you, you leave the selection with „Recipient’s current key“. Otherwise you select those keys here which shall be utilized for
encrypting the email.
8.2 Rule Evaluation
In order to apply a rule when sending an email all preconditions indicated in the domain
„Conditions“ have to be fulfilled.
When creating a new email all your rules are browsed and all matching rules are selected.
version 3.5
53
8 Sending Rules
This selection is based exclusively on the conditions of the individual rules and not on the
classification in the rules list.
The following example shows two rules:
Rule „Do not encrypt“ contains two conditions:
Rule „Encrypt intern“ contains one condition:
If you write an email to [email protected] now and if you select [email protected]
as sender, both of your rules will apply. Thus, you will come into conflict as the settings for
encrypting within the rules are different.
54
version 3.5
8 Sending Rules
In order to avoid this conflict in the future you can add further conditions to the rule „Encrypt
intern“:
Recipient is not [email protected]
Sender
is not [email protected]
version 3.5
55
9 Settings
9 Settings
With the settings you can adjust important options of gpg4o. Modifications of the options,
even if you switch between menu points, only become effective after saving.
9.1 View
On this page the general configuration settings are displayed permitting to adapt the aspect
R
of gpg4o and the integration into Microsoft Outlook
.
9.1.1 Language
The language may be adjusted between German and English. Please mind that when
modifying the language the settings have to be closed and opened again.
9.1.2 Encryption Status
Here, you may select in which areas of gpg4o the information with regard to decryption and
signature shall be displayed to you within an email. By default the display is only shown in
the normal email preview.
56
version 3.5
9 Settings
9.1.3 Send Options
If this configuration setting is active the ribbon with the send options will be hidden when
generating an email and the selected sending account has not been enabled for utilization
with gpg4o.
If the configuration setting is not active the send options will also be indicated in case of
inactive accounts.
9.1.4 Messages
As the user, you can decide whether or not you want to deactivate the repeating question
so that it does not appear anymore. An example would be the messagebox which appears
when a newer GnuPG version is found online within the start of Outlook. By confirming this
through the button, you are activating all deactivated messages again.
9.2 GnuPG
On the page GnuPG the version and the path to the installed GnuPG are displayed.
version 3.5
57
9 Settings
9.2.1 Path to gpg.exe/gpg2.exe
If necessary, you can also convert to other installations of GnuPG with the help of the button
„Search...“.
If you have not yet installed GnuPG the button „Download and Install“ will be shown to
you below the version number with which you can download GnuPG from the Internet and
install it. Here, the procedure is the same as with the installation by the configuration wizard.
Here, you will also find information with regard to the license of GnuPG and you have the
possibility of obtaining further information by means of the links, if available.
9.2.2 GnuPG Version Checking
gpg4o uses GnuPG to encrypt emails. This program is constantly being developed and
receives regular updates and new features. To keep GnuPG up to date, please activate the
option „Online update GnuPG version information every time Outlook starts“.
You receive a message when starting Outlook, when a new version of GnuPG is released.
You can then decide whether or not you want to install this new version. Confirming the
question with „Yes“ will redirect you to the page „GnuPG“ of the gpg4o settings. There
you can click on the button „Download and install GnuPG“ which will download and install
the latest version.
58
version 3.5
9 Settings
9.2.3 GnuPG Directory
By default GnuPG saves its keyring in the application folder of your user profile. If you want
to make use of another directory instead you can select an alternative directory here. This
directory will then be utilized in the future instead of the default directory of GnuPG.
Hint:
Already imported or generated keys will not be copied and will no longer
be available in the new directory. In the old directory, however, they will
still be existent. In order to be able to access these keys you have to
export them before and import them again after having changed to an
alternative directory (see paragraph 7).
9.2.4 GnuPG Agent
Since GnuPG 2.x the GnuPG Agent is applied in order to buffer the passphrase. The agent
is automatically started as soon as a GnuPG action in gpg4o is made. However, when
R
closing Microsoft Outlook
the GnuPG agent is not terminated by default. Thus, buffered
passphrases are not reset which might produce a security risk.
If you enable this option the GnuPG Agent will be terminated automatically with Microsoft
R
Outlook
thus removing preliminarily entered passphrases from the memory.
Hint:
The starting of the GnuPG Agent may take some seconds. This can be
noticed in particular if you select the first email for decrypting.
9.2.5 Buffering of the Passphrase
If you are using GnuPG 2.x you can determine here how long the passphrases you have
entered shall be buffered. The minimum duration of how long the passphrases are buffered,
is one minute.
9.3 Account Management
On this page the configuration of the individual email accounts is performed (usually one
R
email address corresponds to an account in Microsoft Outlook
).
version 3.5
59
9 Settings
Under the name of the selected email account you will find the associated settings. Place
the checkmark with „Use gpg4o for this email account“ if you want to decrypt messages
in this email account or if you want to send messages encrypted and/or signed.
Hint:
If you do not want to encrypt or sign at all in an email account you should
disable gpg4o for this account.
With the selection box „Keypair to use with this email account“ you define which keypair
shall be utilized for signing messages.
With the next two check boxes the default behavior of gpg4o with regard to the sending of
emails is determined. If you choose messages to be encrypted by default you also have to
define whether only the attachments or the entire message shall be encrypted.
If you regularly necessitate other configurations for certain situations you can set them with
the help of the sending rules (see paragraph 8).
The function of the selection box „When sending HTML email“ is to determine whether
when sending emails in HTML format a default demand has to be made, whether the HTML
format may be utilized or whether it shall be converted into the Plain-Text format before
sending.
You can send a testmail for the selected account. You can verify with the received testmail
whether encrypting and decrypting work correctly with your settings.
60
version 3.5
9 Settings
9.4 Settings for Sending and Receiving
9.4.1 Domain Based Key Search
You can enable the „Domain based key search“ if you do not want to search for a corresponding key for every missing key or if you own a global key for a company. Thus, a
possible suitable key from the recipient’s domain will be automatically proposed to you from
your key list in case of a missing key.
In order to enable the domain based key search place a checkmark with „Suggest alternative key if recipient’s key is missing“. gpg4o will do the rest for you.
If you write an email to „[email protected]“ but if you do not own a key for that
recipient gpg4o can now offer you an alternative key from the corresponding domain.
version 3.5
61
9 Settings
If you refuse that key you may perform - as normal - the manual selection for encrypting
your email.
9.4.2 Attachment Send Options
Many OpenPGP-applications do not only encrypt the email and the attachments but also
the file names of the attachments. gpg4o masters this technique and uses it as standard.
However, not every OpenPGP-application is compatible with this technique. Therefore, you
should activate the option „Keep filename“ if a recipient cannot decrypt the file names.
9.4.3 Public Folder
As standard you can only decrypt those emails which can be found in the folder of an account
enabled in gpg4o.
With this option you instruct gpg4o to decrypt emails in public folders irrespective of your
active accounts. The only precondition is that you own the private key of the recipient to
whom the email was sent. You can now let you show your emails as usual.
Please mind that this option is only utilized in public folders. For decrypting emails in other
folders the corresponding account has to be enabled (see paragraph 9.3).
9.5 Update
The developers of gpg4o regularly extend the software, improve its usability and add new
features (customers’ desires).
62
version 3.5
9 Settings
On this page you can perform a manual check for updates by clicking the button „Check
for update now“. If this verification shall be performed regularly place the checkmark with
„Check for updates every time Outlook starts“. By this, every time you start Microsoft
R
Outlook
a newer version of gpg4o is searched and this version is offered to you for installation.
You have an option to install an early release version of the latest gpg4o, by activating
„Also look for beta versions when checking for updates“. Through this, you can see the
improvements and new features of the upcoming version. You can also actively participate
in the development of gpg4o by letting us know about the errors. Beta versions are usually
released a few weeks before a new version of gpg4o is published.
Hint:
version 3.5
Please note that a beta version can contain errors. You should not use
these versions in a productive environment.
63
9 Settings
The updates are installed in the background and do not require any confirmations on your
R
part. When the installation is finished you should make a new start of Outlook
so that the
modifications become effective.
With the link „Visit our Shop“ you can purchase a license of gpg4o or an extension of the
product maintenance of gpg4o.
In the „Version history...“ the individual releases and their improvements of gpg4o can be
looked up.
9.6 Keyserver
On the page „Keyserver“ you have the possibility of displaying and editing the keyservers
utilized by gpg4o.
64
version 3.5
9 Settings
9.6.1 Keyserver
In order to add a new keyserver enter its address as a new line in the text field.
Hint:
Keep in mind that the address of the keyservers will not be checked with
regard to validity and that a wrong server cannot be reached.
In order to remove a keyserver, remove its entry in the text field. Thus, this keyserver will
not be utilized in gpg4o anymore.
9.6.2 Autoimport
Here, you may enter a keyserver from which keys will be automatically imported into the
local keyring while you generate an email. This is reasonable for example if you yourself
work with a private keyserver and only upload valid keys there.
The server indicated in this field need not necessarily be entered in the list of all keyservers
above in order to permit its use.
9.7 Backup
On this page you can import a saved backup or generate a backup, respectively. Above all,
a backup protects you from the loss of your keys in case of hardware failures.
version 3.5
65
9 Settings
Via the button „Export“ you generate a new backup. It comprises the following data:
•
•
•
•
•
All the keys, public keys as well as keypairs
The trust settings of the keys
The complete configuration of gpg4o including all account-settings
All defined sending rules
The gpg4o license file
With the button „Import“ you reload your preliminarily exported settings of gpg4o and,
thus, overwrite your current ones. Your keyring will be extended by the newly added keys
and those keys which were deleted since the last export, will be included again.
66
version 3.5
9 Settings
Tip:
A backup may also be utilized in order to move gpg4o to another computer.
Attention:
Only save the backup on your own physical data storage medium. You
should never upload the backup into the cloud.
9.8 System Information
In the system information you can find details regarding the product gpg4o, the license, the
operating system and GnuPG. There you can see, among others, the installation paths of
the individual products.
9.9 Extended Settings
On this page you will find settings which do not necessitate any modifications in the normal
operation or which do not require a better knowledge of the OpenPGP-Encryption. We
kindly ask you not to modify anything here, if you do not know about the consequences of
these modifications.
9.9.1 Always treat all keys as valid
It is true that deactivating this option will improve safety, however, it will also increase complexity and will require a considerable additional effort regarding the key management. If
you disable this option you will only be able to encrypt emails to be sent to those recipients
whose key you have signed or whose key has been recognized as valid by the „Web of
Trust“.
Example:
Here explain how you can check the authenticity of a key and make it valid. In this case
we are checking the authenticity of the gpg4o Support address of Giegerich & Partner and
making it valid.
version 3.5
67
9 Settings
Please open the key management and search for the key „Support gpg4o <[email protected]>“. Select the key and open the key details.
Please compare the fingerprint in the key details with the following fingerprint:
580C BDD8 2E8F 651C 0610 8298 69BF 849E BF1A A968
If the given fingerprint matches the fingerprint shown in the key details, then you can set the
authenticity of the Support key of Giegerich & Partner. Afterwards you can use this key for
safe communication.
To validate a key, please read the paragraph „Identities/Signing“ (see paragraph 7.10.3).
Hint:
You have to check and validate each and every key if you have deactivated
thet switch „Always treat all keys as valid“, before you can use them.
9.9.2 Insert GnuPG and gpg4o information in outgoing emails
If you encrypt and/or sign an email with gpg4o the GnuPG-Version and the gpg4o-Version
will be inserted in the GnuPG headlines if the option is active. As this has also been implemented like that for other OpenPGP-solutions this option is enabled as a standard. However,
you may also disable it in order to improve your safety. If one of your recipients has problems
with decrypting and/or displaying the email he will not be able to read with which software
68
version 3.5
9 Settings
the email was encrypted.
9.9.3 Advanced signature check activation
By default this option is disabled. If you select a PGP/MIME signed email you can activate
the advanced signature check. This option will kept active for all further PGP/MIME signed
emails.
version 3.5
69
10 Miscellaneous
10 Miscellaneous
10.1 What Is to Be Done in Case of Errors?
We kindly ask you to help us disclose and correct errors.
In order to be able to rapidly correct appearing errors we need a maximum of details concerning the error occurred. We kindly ask you to send us the error reports as well as the log
files via the corresponding email provided in gpg4o. (see paragraph 11.1)
If you have questions, critical remarks or suggestions for improvement we kindly ask you to
submit them to us in the same way or to write to our gpg4o & GnuPG Newsgroup (see
paragraph 11), for we are always receptive to listen to your problems.
10.2 gpg4o does not Start
If gpg4o is not visible anymore there are several possibilities of reactivating the add-in again.
First of all, kindly open your Outlook options by clicking „File“ in the menu ribbon and
selecting the menu item „Options“ there. In the following window click on the left side
„Add-Ins“.
70
version 3.5
10 Miscellaneous
Now, search on the right side the entry „gpg4o – GPG for Outlook“. If gpg4o can be found
under the item „Disabled Application Add-ins“ you are asked to follow paragraph 10.2.1.
If gpg4o can be found under the item „Inactive Application Add-ins“ please follow paragraph 10.2.2.
10.2.1 Disabled Application Add-ins
Select in the lower section next to the button „Go“ the entry „Disabled elements“ and
afterwards click the button „Go...“. In the window opened then select the entry „gpg4o
– GPG for Outlook“ and click the button „Enable“. Having done that, close the window
by clicking „Close“. After a moment gpg4o will be loaded again. Otherwise, it might be
necessary to enable gpg4o subsequently via the procedure described in paragraph 10.2.2.
10.2.2 COM-Add-Ins
Select in the lower section next to the button „Go...“ the entry „COM-Add-Ins“ and click the
button „Go...“ then. In the window open now search the entry „gpg4o – GPG for Outlook“
and place a checkmark in front of it. Afterwards, close the window by clicking „OK“. After
a moment gpg4o should be reloaded. Otherwise, there is perhaps an essential problem. In
this case you are asked to contact the support (see paragraph 11.1).
R
R
10.2.3 Microsoft Outlook 2013
and Outlook 2016
R
R
Outlook 2013
and Outlook 2016
analyze the load times of add-ins and automatically
disables add-ins with ordinarily longer uploading times.
version 3.5
71
10 Miscellaneous
If this is true for you please go to „File“ in the menu ribbon and there to „Manage Add-Ins“.
Select gpg4o and press the button „Enable this add-in“. Afterwards, please click the
button „Close“.
72
version 3.5
11 Help Center
11 Help Center
Via the help center you will get a simple and quick access to all important information regarding the utilization of gpg4o.
Here, you can open the manual, write an email to the technical support or to the sales
department or inform yourself about gpg4o on the Internet.
Via the menu entry „gpg4o on the Web“ you will gain access to the following Web pages:
•
•
•
•
•
Frequently asked questions
Forum
Website
Shop
Licensemanagement
In addition, you can call up the „About gpg4o“ dialog where the installed version of gpg4o
and information with regard to your license will be displayed to you. In this dialogue there is
also the possibility of importing a license file. (see paragraph 4.3.1)
11.1 Sending Log-Files
In order to send the log files to our support, kindly click „gpg4o – GPG for Outlook“ in the
R
menu ribbon of Microsoft Outlook
. Here, select the push button „Help Center“ and click
the entry „Contact support...“ then. Then, a preconfigured email will open automatically
with the log files as attachment.
version 3.5
73
11 Help Center
You are kindly asked to give precise description of the error occurred and of the steps which
you have carried out shortly before said error showed. In so doing, you help us localize the
error source and offer you a solution as fast as possible.
11.2 Contents of Log-Files
In order to optimize the efficiency of our development in the elimination of possibly occurring
errors, status reports are written into so-called log-files by gpg4o. These status reports
contain neither personal information nor passwords or contents of emails. Before sending
the email together with the log-files you can see the information passed on by unpacking the
attached zip-file. All files contained therein consist of plain text.
74
version 3.5
12 Uninstalling
12 Uninstalling
If you uninstall gpg4o or also GnuPG, all generated and imported keys will remain and will
be at your disposal again after a new installation.
12.1 Delete personal Data
If you want to delete your keys completely you should do this via the key management and
uninstall the program gpg4o only then.
Alternatively, you delete the directory of GnuPG. In this directory you will find all personal
data which are managed by GnuPG (Keyrings, trust settings and program configurations).
R
In addition, you should also delete the gpg4o user directory and the Microsoft Outlook
configuration directory. In these directories you can find the personal settings of gpg4o.
12.1.1 GnuPG Directory
%AppData%\Roaming\gnupg
Attention:
Please mind that not only the program gpg4o accesses GnuPG-keys.
Deleting the data may influence other programs.
By deleting the key data you will permanently lose access to your encrypted emails! Without the matching keys your emails cannot be decrypted.
12.1.2 gpg4o User Directory
%AppData%\Roaming\Giegerich & Partner GmbH\gpg4o\
R
12.1.3 Microsoft Outlook
Configuration Directory
%AppData%\Local\Microsoft_Corporation\gpg4o.vsto_...
This path varies depending on the computer and may be existent several times in similar
form.
12.2 Uninstalling under Windows Vista, 7, 8 or 10
In order to uninstall gpg4o click „Control Panel“ in the Windows start menu and browse
to the item „Programs“ there and afterwards to „Uninstall a Program“. You will now see
the list of all programs installed on your computer. Select „gpg4o – GPG for Outlook“ and
click „Uninstall“ in the menu.
12.3 Uninstalling GnuPG
In order to uninstall GnuPG click „Control Panel“ in the Windows start menu and browse
to the item „Programs“ there and subsequently to the item „Uninstall a Program“. You
will now see a list of all programs installed on your computer. Select the installed GnuPG
version 3.5
75
12 Uninstalling
and click „Uninstall“ in the menu.
76
version 3.5
13 Contact & Information
13 Contact & Information
The IT-solution provider Giegerich & Partner GmbH based in Dreieich near Frankfurt on
the Main specializes in the smooth and safe operation of networks and computer-controlled
applications. In addition to consulting and conception the company undertakes the entire
execution of IT projects as well as the operation of IT-systems and IT-solutions as outsourcing. Customer-specific individual solutions and the adaptation of IT-standard products to the
requirements of companies belong to the strength of the IT-specialist.
From consulting to conception, realization and support –
Giegerich & Partner offers it all.
Further information can be found under: http://www.giepa.de/
version 3.5
77
Related documents
(PGP) & GNU Privacy Guard (GPG)
(PGP) & GNU Privacy Guard (GPG)
Platform Licensing Information User Manual
Platform Licensing Information User Manual
The GNU Privacy Handbook
The GNU Privacy Handbook
POLI VAC User Manual
POLI VAC User Manual
Oracle Commerce Cloud Service Licensing Information User Manual
Oracle Commerce Cloud Service Licensing Information User Manual
SPA - IQ SERVIS, as
SPA - IQ SERVIS, as
User's Manual Trends 4.7 Web Reports System - INFODEV
User's Manual Trends 4.7 Web Reports System - INFODEV
Functional and Safety Guide for Battery Management System (BMS
Functional and Safety Guide for Battery Management System (BMS
Table of Contents
Table of Contents
F Manuel d`utilisation
F Manuel d`utilisation
Sample Planner for Attributes (TP105) User Manual
Sample Planner for Attributes (TP105) User Manual
PGP™ Desktop for Windows User`s Guide
PGP™ Desktop for Windows User`s Guide
Mode d`emploi Comptabilité Version 13
Mode d`emploi Comptabilité Version 13
EZ-CARE2 - SofterWare
EZ-CARE2 - SofterWare
Procombi Exclusive 24, 30 & 35
Procombi Exclusive 24, 30 & 35
Digital Carbon Monoxide Poisonous Gas Alarm
Digital Carbon Monoxide Poisonous Gas Alarm
SOFTWARE USER MANUAL
SOFTWARE USER MANUAL
Easy IEP User Manual 12-13
Easy IEP User Manual 12-13
CC3 web component user guide.book
CC3 web component user guide.book
PDF Manual
PDF Manual
ookkeeaapp Manual as PDF
ookkeeaapp Manual as PDF
PGP Support Package for BlackBerry BlackBerry Enterprise Server
PGP Support Package for BlackBerry BlackBerry Enterprise Server